Cybersecurity is a constant game of trying to keep one step ahead of the hackers, whether in terms of software updates, or in educating employees and co-workers in the dangers posed by social engineering or phishing attacks. While previous years featured the introduction of broad attacks in the form of ransomware or cryptomining malware, recent trends have shown three new focuses, according to an article in ZDNet.
Increased personalized targeting of attacks:
Whereas before hackers could be indiscriminate in the deployment of their attacks, cybercriminals are learning to focus on specific industries, organizations or systems, with the intent of maximizing their returns and minimizing risk of exposure. Says Assaf Dahan, head of threat research at Cybereason, “If I were to develop a malware that’s very focused on stealing financial data from British banks, why would I bother infecting people in Bolivia or China? The more it’s proliferated, the greater the risk that it’ll get caught.”
Targeting of non-Windows or other non-standard devices:
With Windows being an extremely common platform, it is also one which most cybersecurity professionals are familiar with, and a focus for much of existing security monitoring. Consequently, unusual activity on these machines is often detected more easily than on less understood or less monitored machines. Instead, hackers are shifting their focus from individual PCs to servers. Says Chet Wisniewski, principal research scientist for Sophos, “Servers don’t have nearly the same protections in place that desktops do. The same company that tells me they do ‘Patch Tuesday’ within 10 days for desktops will tell me its 90 days for server,” he explains, adding: “Those servers are glaring weak-spots in our strategy currently and the criminals are going straight for it.”
Exploiting artificial intelligence
Machine learning represents a new potential threat, as hackers look to develop new software that will modify itself based on previous detections to avoid future detections. While still limited in potential by the small number of people who are experts in machine learning, the concern is that, as it becomes more commonplace, it will become commoditized and available to the inexperienced. Says Mikko Hyppönen, chief research officer at F-Secure, “Things are getting easier and easier to use. Eventually systems will become so easy to use that any idiot will be able to use them – and that’s when we’ll see attacks using machine learning. This might be just a year away, we’ll see, but it’s not very far.”
